FEDORA-2016-d3a56228f5

security update in Fedora 22 for qemu

Status: stable 3 years ago
  • CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904)
  • CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503)
  • CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506)
  • Fix regression installing windows 7 with qxl/vga (bz #1339267)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-d3a56228f5

Comments 6

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

no regressions noted

karma: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by crobinso.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 6

00 #1313686 CVE-2016-4020 Qemu: i386: leakage of stack memory to guest in kvmvapic.c
00 #1326904 CVE-2016-4020 qemu: qemu-kvm: Leakage of stack memory to guest in kvmvapic.c [fedora-all]
00 #1337502 CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write
00 #1337503 CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write [fedora-all]
00 #1337505 CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd
00 #1337506 CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in get_cmd [fedora-all]

Automated Test Results